Bug 404067

Comment 1 Paweł Hajdan, Jr. (RETIRED) 2012-02-16 08:40:00 UTC

Please test things and stabilize.

Comment 2 Agostino Sarubbo 2012-02-17 10:17:08 UTC

(In reply to comment #1)
> Please test things and stabilize.

www-client/chromium-17.0.963.56 stable on amd64.

Pawel, next time please use a syntax to describe what packages and what version.

e.g. Please mark stable:
=www-client/chromium-17.0.963.56

Comment 3 Paweł Hajdan, Jr. (RETIRED) 2012-02-17 11:34:57 UTC

x86 stable, GLSA draft is ready for review

Comment 4 GLSAMaker/CVETool Bot 2012-02-18 17:36:34 UTC

This issue was resolved and addressed in
 GLSA 201202-01 at http://security.gentoo.org/glsa/glsa-201202-01.xml
by GLSA coordinator Tim Sammut (underling).

Comment 5 GLSAMaker/CVETool Bot 2012-02-20 05:04:58 UTC

CVE-2011-3027 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3027):
  Google Chrome before 17.0.963.56 does not properly perform a cast of an
  unspecified variable during handling of columns, which allows remote
  attackers to cause a denial of service or possibly have unknown other impact
  via a crafted document.

CVE-2011-3025 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3025):
  Google Chrome before 17.0.963.56 does not properly parse H.264 data, which
  allows remote attackers to cause a denial of service (out-of-bounds read)
  via unspecified vectors.

CVE-2011-3024 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3024):
  Google Chrome before 17.0.963.56 allows remote attackers to cause a denial
  of service (application crash) via an empty X.509 certificate.

CVE-2011-3023 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3023):
  Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows
  user-assisted remote attackers to cause a denial of service or possibly have
  unspecified other impact via vectors related to drag-and-drop operations.

CVE-2011-3022 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3022):
  translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x
  before 19.0.1036.7 uses an HTTP session to exchange data for translation,
  which allows remote attackers to obtain sensitive information by sniffing
  the network.

CVE-2011-3021 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3021):
  Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to subframe loading.

CVE-2011-3020 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3020):
  Unspecified vulnerability in the Native Client validator implementation in
  Google Chrome before 17.0.963.56 has unknown impact and remote attack
  vectors.

CVE-2011-3019 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3019):
  Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote
  attackers to cause a denial of service or possibly have unspecified other
  impact via a crafted Matroska video (aka MKV) file.

CVE-2011-3018 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3018):
  Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote
  attackers to cause a denial of service or possibly have unspecified other
  impact via vectors related to path rendering.

CVE-2011-3017 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3017):
  Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors related to database handling.

CVE-2011-3016 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3016):
  Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows
  remote attackers to cause a denial of service or possibly have unspecified
  other impact via vectors involving counter nodes, related to a
  "read-after-free" issue.